[gnutls-help] make check errors in system running FIPS mode

Nikos Mavrogiannopoulos nmav at gnutls.org
Tue Sep 22 08:24:00 CEST 2015

On Mon, Sep 21, 2015 at 5:27 PM, jonetsu <jonetsu at teksavvy.com> wrote:
> Hello,
> A large number of failures are reported during the tests when they are done with the kernel being in FIPS mode and the file /etc/system-fips exists.  The same compile done without these two does not report any error.
> Is there a setup to be made to run these tests when in FIPS mode ?  Does this involve the DNSSEC warning shown at the end of the configure script ?

In FIPS140-2 mode the library must have integrity tests, and if these
are not present it will fail to load. You may use the environment
variable GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS (set to 1), to skip these


More information about the Gnutls-help mailing list